Thread
-
Re: [PATCH] Add pg_get_policy_ddl() function to reconstruct CREATE POLICY statement
Akshay Joshi <akshay.joshi@enterprisedb.com> — 2025-10-16T11:47:22Z
On Thu, Oct 16, 2025 at 2:45 PM jian he <jian.universality@gmail.com> wrote: > hi. I still can not compile your v2. > > ../../Desktop/pg_src/src1/postgres/src/backend/utils/adt/ruleutils.c: > In function ‘get_formatted_string’: > > ../../Desktop/pg_src/src1/postgres/src/backend/utils/adt/ruleutils.c:13770:9: > error: function ‘get_formatted_string’ might be a candidate for > ‘gnu_printf’ format attribute [-Werror=suggest-attribute=format] > 13770 | appendStringInfoVA(buf, fmt, args); > | ^~~~~~~~~~~~~~~~~~ > cc1: all warnings being treated as errors > I’m relatively new to PostgreSQL development. I’m working on setting up the CI pipeline and will try to fix all warnings. > > Maybe you can register your patch on https://commitfest.postgresql.org/ > then it will run all CI tests on all kinds of OS. > > row security policy qual and with_check_qual can contain sublink/subquery. > but pg_get_expr can not cope with sublink/subquery. > > see pg_get_expr comments below: > * Currently, the expression can only refer to a single relation, namely > * the one specified by the second parameter. This is sufficient for > * partial indexes, column default expressions, etc. We also support > * Var-free expressions, for which the OID can be InvalidOid. > > see commit 6867f96 and > > https://www.postgresql.org/message-id/flat/20211219205422.GT17618%40telsasoft.com > > I guess (because I can not compile, mentioned above): > "ERROR: expression contains variables" > can be triggered by the following setup: > > create table t(a int); > CREATE POLICY p1 ON t AS RESTRICTIVE FOR ALL > USING (a IS NOT NULL AND (SELECT 1 = 1 FROM pg_rewrite WHERE > pg_get_function_arg_default(ev_class, 1) !~~ pg_get_expr(ev_qual, 0, > false))); > SELECT pg_get_policy_ddl('t', 'p1', true); > The above example works fine with my patch [image: Screenshot 2025-10-16 at 5.08.10 PM.png] > > You can also check my patch at > https://commitfest.postgresql.org/patch/6054/ > which similarly needs to build the POLICY definition for reconstruction. > > see RelationBuildRowSecurity, checkExprHasSubLink also. >